Have a look at ->
RSRack1SW3#
*Mar 1 00:40:24.675: %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to
recursive routing
*Mar 1 00:40:25.675: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Tunnel0, changed state to down
*Mar 1 00:40:25.679: Assert failure in ../src-vegas/vur_drv.c line 2439
RSRack1SW3#
Can somebody send me line 2439 that i can fix the problem ;D
Dienstag, 16. November 2010
Started INE CCIE R&S Lab Workbook Volume I for CCIEv4.0
Just started INE Vol I Workbook and finished
1. Bridging & Switching
2. Frame Relay
3. IP Routing
and did some VoD Review
1. Bridging & Switching
2. Frame Relay
3. IP Routing
and did some VoD Review
Dienstag, 5. Oktober 2010
Cisco CCIE 360 CIERS2 - Review
Now i had the CIERS2 course. The labs where quite difficult. The instructor said more difficult than the real exam. I hope so. There were really hard labs with Stateful NAT, OER (Optimized Edge Routing) and more sensless stuff :)
But the course gave me a good feeling for the questions. Know i know what they want and not to do. If you first face a CCIE-like exam, you sometimes don't know what they want.
My results
CIERS2-CA-LAB01 - 60 % - Avg 41 %
CIERS2-TA-LAB02 - 36 % - Avg 32 %
CIERS2-CA-LAB02 - 60 % - Avg 44 %
CIERS2-CA-LAB03 - 61 % - Avg 42 %
CIERS2-TA-LAB04 - 52 % - Avg 27 %
CIERS2-CA-LAB04 - 61 % - Avg 51 %
CIERS2-CA-LAB05 - 83 % - Avg 65 %
So i failed every lab, but on the other hand i'm at the beginning of lab study.
Troubleshooing in CCIE 360 is really hard. Nobody in the course had a passing score.
Now, that my I_NE rack is complete, i will start with IN_E Workbook Volume I
But the course gave me a good feeling for the questions. Know i know what they want and not to do. If you first face a CCIE-like exam, you sometimes don't know what they want.
My results
CIERS2-CA-LAB01 - 60 % - Avg 41 %
CIERS2-TA-LAB02 - 36 % - Avg 32 %
CIERS2-CA-LAB02 - 60 % - Avg 44 %
CIERS2-CA-LAB03 - 61 % - Avg 42 %
CIERS2-TA-LAB04 - 52 % - Avg 27 %
CIERS2-CA-LAB04 - 61 % - Avg 51 %
CIERS2-CA-LAB05 - 83 % - Avg 65 %
So i failed every lab, but on the other hand i'm at the beginning of lab study.
Troubleshooing in CCIE 360 is really hard. Nobody in the course had a passing score.
Now, that my I_NE rack is complete, i will start with IN_E Workbook Volume I
Sonntag, 5. September 2010
Dumbass Section : Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
#Topology#
#Symptom#
no ip traffic from 172.16.13.3 <-> 172.16.13.1
debug frame-relay packet on R3 gives following output
*Mar 1 15:32:12.917: Serial1/0: broadcast search
*Mar 1 15:32:12.917: Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
#Resolution#
Ip routing was disabled from a previous configuration. It seems that IOS needs IP Routing enabled for encapsulation of IP packets on Frame Relay Links
Activate IP Routing on R3
R3#debug frame-relay packet
Frame Relay packet debugging is on
R3#ping 172.16.13.1 rep
R3#ping 172.16.13.1 repeat 1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
*Mar 1 15:51:01.479: Serial1/0: broadcast search
*Mar 1 15:51:01.483: Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
*Mar 1 15:51:01.483: Serial1/0: broadcast search
*Mar 1 15:51:01.483: Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
*Mar 1 15:51:02.485: Serial1/0: broadcast search
*Mar 1 15:51:02.485: Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
*Mar 1 15:51:02.485: Serial1/0: broadcast search
*Mar 1 15:51:02.485: Serial1/0:encaps failed on broadcast for link 38(BRIDGE).
Success rate is 0 percent (0/1)
R3#
*Mar 1 15:51:03.486: Serial1/0: broadcast search
*Mar 1 15:51:03.486: Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
*Mar 1 15:51:03.486: Serial1/0: broadcast search
*Mar 1 15:51:03.486: Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
*Mar 1 15:51:04.488: Serial1/0: broadcast search
*Mar 1 15:51:04.488: Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
*Mar 1 15:51:04.488: Serial1/0: broadcast search
*Mar 1 15:51:04.488: Serial1/0:encaps failed on broadcast for link 38(BRIDGE)
R3#
R3#sh ip route
Default gateway is not set
Host Gateway Last Use Total Uses Interface
ICMP redirect cache is empty
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#ip routing
R3(config)#exit
R3#sh ip route
*Mar 1 15:51:14.557: %SYS-5-CONFIG_I: Configured from console by console
R3#ping 172.16.13.1 repeat 1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 172.16.13.1, timeout is 2 seconds:
!
Success rate is 100 percent (1/1), round-trip min/avg/max = 60/60/60 ms
R3#
*Mar 1 15:51:17.393: Serial1/0(o): dlci 301(0x48D1), pkt type 0x800(IP), datagramsize 104
*Mar 1 15:51:17.449: Serial1/0(i): dlci 301(0x48D1), pkt type 0x800, datagramsize 104
R3#
Freitag, 3. September 2010
Cisco 360 CIERS1 - Review
This week i had the pleasure to take the CIERS1 course.
On the first day, i've done my first CCIE-like lab ever. The CIERS1-CA-LAB01.
My Score was 71/100 (Cisco states an average score on all attendants of 53/100)
So i think this was quite good for the first time.
Day 2-4 we had some lectures and smaller technology focussed labs (BGP,QoS,Multicast etc.)
But on the fifth day i made a momentous mistake, i didn't take the CIERS-CA-LAB02 guide to to the tasks. I used the CIERS-CA-LAB01-guide. So i wasted 3,5 hours on doing CIERS-CA-LAB01 on a preconfigured network for the CIERS-CA-LAB02. I wondered about the wrong configured IPs, but didn't thought about it too long. I was just hunting for full IGP reachability. After 3 hours i had full IGP reachability and realized that i used the wrong lab guide. This made my day. I was so frustrated, that i didn't had passion to really start again.
I was very angry about myself. I did a write-erase-reload on every device and started again. But now with CIERS1-CA-LAB02-guide. My motivation was below -39843 and i only got 14 out of 75 point. I'm really pissed. I mean really really pissed.
So remind -> ALWAYS READ THE ENTIRE LAB BEFORE YOU START !!!!!!
ALWAYS!!!!!!!!
The course consisted of 30 % lecture and 70 % labs.
- 1. Day - Assesment Lab (Frame Relay, Catalyst Configuration, IGP (OSPF,EIGRP,RIP), Reistribution,BGP)
- 2. Day - Review Assesment Lab and Technologys, Advanced BGP Lab (a bad next-hop issue)
- 3. Day - Review BGP, Review MPLS, Review Multicast, Multicast Lab
- 4. Day - Review QoS, QoS Lab, Troubleshooting Lab (CIERS-TA-LAB02 - 2 hours)
- 5. Day - Configuration Lab (CIERS-CA-LAB02 - 6 hours), Review Lab
My recommodations before go for the course :
- Master the Frame Relay-thing. I think younger network engineers (like me) don't understand Frame Relay at all, because they never ever used it. Frame-Relay is contained in every lab, i think. I will have to study on this section, especially the different ways of running OSPF over Frame Relay
- do a lot of small technology based-labs (master IGP) before you attend the course
- don't go there just after the written exam, the written exam is a piece of shit. Further study in every topic is necessary to get most out of CIERS1 (after this week, i have to admit that it was to early to attend this course)
On the first day, i've done my first CCIE-like lab ever. The CIERS1-CA-LAB01.
My Score was 71/100 (Cisco states an average score on all attendants of 53/100)
So i think this was quite good for the first time.
Day 2-4 we had some lectures and smaller technology focussed labs (BGP,QoS,Multicast etc.)
But on the fifth day i made a momentous mistake, i didn't take the CIERS-CA-LAB02 guide to to the tasks. I used the CIERS-CA-LAB01-guide. So i wasted 3,5 hours on doing CIERS-CA-LAB01 on a preconfigured network for the CIERS-CA-LAB02. I wondered about the wrong configured IPs, but didn't thought about it too long. I was just hunting for full IGP reachability. After 3 hours i had full IGP reachability and realized that i used the wrong lab guide. This made my day. I was so frustrated, that i didn't had passion to really start again.
I was very angry about myself. I did a write-erase-reload on every device and started again. But now with CIERS1-CA-LAB02-guide. My motivation was below -39843 and i only got 14 out of 75 point. I'm really pissed. I mean really really pissed.
So remind -> ALWAYS READ THE ENTIRE LAB BEFORE YOU START !!!!!!
ALWAYS!!!!!!!!
The course consisted of 30 % lecture and 70 % labs.
- 1. Day - Assesment Lab (Frame Relay, Catalyst Configuration, IGP (OSPF,EIGRP,RIP), Reistribution,BGP)
- 2. Day - Review Assesment Lab and Technologys, Advanced BGP Lab (a bad next-hop issue)
- 3. Day - Review BGP, Review MPLS, Review Multicast, Multicast Lab
- 4. Day - Review QoS, QoS Lab, Troubleshooting Lab (CIERS-TA-LAB02 - 2 hours)
- 5. Day - Configuration Lab (CIERS-CA-LAB02 - 6 hours), Review Lab
My recommodations before go for the course :
- Master the Frame Relay-thing. I think younger network engineers (like me) don't understand Frame Relay at all, because they never ever used it. Frame-Relay is contained in every lab, i think. I will have to study on this section, especially the different ways of running OSPF over Frame Relay
- do a lot of small technology based-labs (master IGP) before you attend the course
- don't go there just after the written exam, the written exam is a piece of shit. Further study in every topic is necessary to get most out of CIERS1 (after this week, i have to admit that it was to early to attend this course)
Mittwoch, 1. September 2010
Notes-Section : In OSPF, Loopbacks are always advertised as /32 except...
#Topology#
#Note#
In OSPF, Loopbacks are advertised as /32 as described in RFC2328 Section 9.1.
It is seemed as a stub host, because over a loopback, there will be no transit-traffic.
You can change this behavior with the ip ospf network point-to-point command on the Loopback-Interface. Have a look ->
#Config#
#Rack1R1#
Rack1R1#sh run int lo0
Building configuration...
Current configuration : 95 bytes
!
interface Loopback0
ip address 150.1.1.1 255.255.255.0
ip ospf network point-to-point
end
Rack1R1#
Rack1R1#sh ip ospf interface lo0
Loopback0 is up, line protocol is up
Internet Address 150.1.1.1/24, Area 0
Process ID 1, Router ID 150.1.1.1, Network Type POINT_TO_POINT, Cost: 1
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Supports Link-local Signaling (LLS)
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 0
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 0, Adjacent neighbor count is 0
Suppress hello for 0 neighbor(s)
Rack1R1#
Rack1R1#sh ip route 150.1.1.1
Routing entry for 150.1.1.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via Loopback0
Route metric is 0, traffic share count is 1
Rack1R1#
Rack1R1#sh ip route 150.1.3.3
Routing entry for 150.1.3.3/32
Known via "ospf 1", distance 110, metric 66, type intra area
Last update from 164.1.13.3 on Serial0/1, 02:15:50 ago
Routing Descriptor Blocks:
* 164.1.13.3, from 150.1.3.3, 02:15:50 ago, via Serial0/1
Route metric is 66, traffic share count is 1
Rack1R1#
#Rack1R3#
Rack1R3#sh run int lo0
Building configuration...
Current configuration : 63 bytes
!
interface Loopback0
ip address 150.1.3.3 255.255.255.0
end
Rack1R3#
Rack1R3#sh ip ospf interface lo0
Loopback0 is up, line protocol is up
Internet Address 150.1.3.3/24, Area 0
Process ID 1, Router ID 150.1.3.3, Network Type LOOPBACK, Cost: 1
Loopback interface is treated as a stub Host
Rack1R3#
Rack1R3#sh ip route 150.1.1.1
Routing entry for 150.1.1.0/24
Known via "ospf 1", distance 110, metric 782, type intra area
Last update from 164.1.13.1 on Serial1/2, 02:17:59 ago
Routing Descriptor Blocks:
* 164.1.13.1, from 150.1.1.1, 02:17:59 ago, via Serial1/2
Route metric is 782, traffic share count is 1
Rack1R3#sh ip route 150.1.3.3
Routing entry for 150.1.3.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via Loopback0
Route metric is 0, traffic share count is 1
Rack1R3#
Donnerstag, 26. August 2010
Passed CCIE Writtem Exam v4.0
During the exam, at question 12-13 after hard multicast and Cisco IOS Firewall, i thought that could be hard. But as closer to the end, i had a good feeling :) and finally got ->
Score 921/1000
Had 77 questions. It was really mixed, every thing was asked. From QoS, over Multicast with MSDP, a few and very easy Spanning-Tree questions,easy BGP ones,hard Cisco IOS Firewall questions (never done this), Routing-Scenarios are doable. Almost everything from the blueprint mixed-up. In September 09 i tried the CCIE R&S 4.0 beta but failed. 80 % of the questions were about Spanning-Tree in CCIE v4 beta. Really though questions about BPDU packets and things like that. I was very frigthened for Spanning-Tree today, but the questions were CCNA-level ones.
What i used for preparation ->
- Routing TCP/IP Vol1 and Vol2 as refresher - the compendium
- MPLS VPN Architectures - Peplnjak - the best MPLS VPN book - learn MPLS VPN in a day
- Deploying IPv6 Networks - ISBN 1-58705-210-5 - the IPv6 book, not like the normal ones "IPv6 has a greater address space" i can't hear it anymore
- Internet Routing Architectures - Sam Halabi - (best BGP book)-(2nd Edition) (ISBN 9781578702336)
- Cisco Documnetation
- Work experience -> 8 years -> 3 years as CCNP -> 2 years as CCIP
- BCMSN,MCAST,BSCI,ONT,ISCW materials from Gl*b*l kno*l*dge
Review befor written exam
- CCIE Routing and Swichting Exam Certification Guide, Third Edition - ISBN-13: 978-1-58720-196-7
- CCIE Routing and Switching Written Exam Blueprint -> Cisco Documentations and Configuration Guides
Just a perfect day ...
Score 921/1000
Had 77 questions. It was really mixed, every thing was asked. From QoS, over Multicast with MSDP, a few and very easy Spanning-Tree questions,easy BGP ones,hard Cisco IOS Firewall questions (never done this), Routing-Scenarios are doable. Almost everything from the blueprint mixed-up. In September 09 i tried the CCIE R&S 4.0 beta but failed. 80 % of the questions were about Spanning-Tree in CCIE v4 beta. Really though questions about BPDU packets and things like that. I was very frigthened for Spanning-Tree today, but the questions were CCNA-level ones.
What i used for preparation ->
- Routing TCP/IP Vol1 and Vol2 as refresher - the compendium
- MPLS VPN Architectures - Peplnjak - the best MPLS VPN book - learn MPLS VPN in a day
- Deploying IPv6 Networks - ISBN 1-58705-210-5 - the IPv6 book, not like the normal ones "IPv6 has a greater address space" i can't hear it anymore
- Internet Routing Architectures - Sam Halabi - (best BGP book)-(2nd Edition) (ISBN 9781578702336)
- Cisco Documnetation
- Work experience -> 8 years -> 3 years as CCNP -> 2 years as CCIP
- BCMSN,MCAST,BSCI,ONT,ISCW materials from Gl*b*l kno*l*dge
Review befor written exam
- CCIE Routing and Swichting Exam Certification Guide, Third Edition - ISBN-13: 978-1-58720-196-7
- CCIE Routing and Switching Written Exam Blueprint -> Cisco Documentations and Configuration Guides
Just a perfect day ...
Montag, 23. August 2010
Dumbass Mistakes (3) - No routes from one 6VPE to another 6VPE
#Topology#
#Symptom#
Die Routen von R1-CE war nur am R5-PE (vrf Customer), die R2-CE-Routen nur am R6-PE zu sehen.
#Resolution#
Beim zeichnen des Diagramms fällt es natürlich sofort auf, was hier schief geht. Einer der Sätze welche man in den Cisco-Büchern am häufigsten liest ->
"An autonomous system with internal BGP (IBGP) must have all of its IBGP peers connect to each other in a full mesh (where everyone speaks to everyone directly"
In der Beispielkonfig wurde eBGP Richtung Customer genutzt. Die CEs als Route-Reflector-client anzubinden wäre auch eine Lösung (funzt mit den c1841 - aber Achtung! Next-Hop anpassen)
#Symptom#
Die Routen von R1-CE war nur am R5-PE (vrf Customer), die R2-CE-Routen nur am R6-PE zu sehen.
#Resolution#
Beim zeichnen des Diagramms fällt es natürlich sofort auf, was hier schief geht. Einer der Sätze welche man in den Cisco-Büchern am häufigsten liest ->
"An autonomous system with internal BGP (IBGP) must have all of its IBGP peers connect to each other in a full mesh (where everyone speaks to everyone directly"
In der Beispielkonfig wurde eBGP Richtung Customer genutzt. Die CEs als Route-Reflector-client anzubinden wäre auch eine Lösung (funzt mit den c1841 - aber Achtung! Next-Hop anpassen)
Freitag, 20. August 2010
6VPE - BGP PE-CE - Beispielkonfiguration
#Topology#
6VPE is possible with Cisco 1841 Routers (R4,R5,R6) with c1841-adventerprisek9-mz.124-24.T.bin
R1 and R2 are 2610XM
#R1-CE#
R1-CE#sh run
Building configuration...
Current configuration : 1184 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1-CE
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
!
ipv6 unicast-routing
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
no ip address
ipv6 address 1::1/128
ipv6 enable
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2001:1::1/64
ipv6 enable
!
interface Serial0/0
no ip address
shutdown
no fair-queue
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
!
router bgp 1
bgp router-id 1.0.0.1
bgp log-neighbor-changes
neighbor 2001:1::2 remote-as 65000
!
address-family ipv4
no neighbor 2001:1::2 activate
no auto-summary
no synchronization
exit-address-family
!
address-family ipv6
neighbor 2001:1::2 activate
network 1::1/128
exit-address-family
!
!
!
ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
R1-CE#sh ipv6 int brief
FastEthernet0/0 [up/up]
FE80::20B:FDFF:FEBA:6A40
2001:1::1
Serial0/0 [administratively down/down]
FastEthernet0/1 [administratively down/down]
Serial0/1 [administratively down/down]
Loopback0 [up/up]
FE80::20B:FDFF:FEBA:6A40
1::1
R1-CE#sh ipv6 route
IPv6 Routing Table - 6 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
LC 1::1/128 [0/0]
via ::, Loopback0
B 2::2/128 [20/0]
via FE80::21A:2FFF:FE87:5C62, FastEthernet0/0
C 2001:1::/64 [0/0]
via ::, FastEthernet0/0
L 2001:1::1/128 [0/0]
via ::, FastEthernet0/0
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
R1-CE#sh ip bgp all
For address family: IPv4 Unicast
For address family: IPv6 Unicast
BGP table version is 17, local router ID is 1.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1::1/128 :: 0 32768 i
*> 2::2/128 2001:1::2 0 65000 2 i
R1-CE#
R1-CE#ping ipv6 2::2 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2::2, timeout is 2 seconds:
Packet sent with a source address of 1::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/12 ms
R1-CE#
#R5-PE#
R5-PE#sh run
Building configuration...
Current configuration : 1983 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5-PE
!
boot-start-marker
boot-end-marker
!
vrf definition Customer
rd 10.0.0.5:100
!
address-family ipv6
route-target export 100:100
route-target import 100:100
exit-address-family
!
logging message-counter syslog
logging buffered 16000
!
no aaa new-model
clock timezone MEZ 1
clock summer-time MESZ recurring last Sun Mar 2:00 last Sun Oct 3:00
dot11 syslog
ip source-route
!
!
!
!
ip cef
no ip domain lookup
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface Loopback0
ip address 1.0.0.5 255.255.255.255
!
interface FastEthernet0/0
vrf forwarding Customer
no ip address
duplex auto
speed auto
ipv6 address 2001:1::2/64
ipv6 enable
!
interface FastEthernet0/1
ip address 10.0.0.1 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface Serial0/0/0
no ip address
encapsulation frame-relay IETF
frame-relay lmi-type cisco
!
router ospf 1
log-adjacency-changes
passive-interface default
no passive-interface FastEthernet0/1
network 0.0.0.0 255.255.255.255 area 0
!
router bgp 65000
no synchronization
bgp router-id 1.0.0.5
bgp log-neighbor-changes
neighbor 1.0.0.6 remote-as 65000
neighbor 1.0.0.6 update-source Loopback0
neighbor 1.0.0.6 send-community extended
no auto-summary
!
address-family vpnv6
neighbor 1.0.0.6 activate
neighbor 1.0.0.6 send-community extended
exit-address-family
!
address-family ipv6 vrf Customer
neighbor 2001:1::1 remote-as 1
neighbor 2001:1::1 activate
no synchronization
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
end
R5-PE#
R5-PE#sh ipv6 route vrf Customer
IPv6 Routing Table - Customer - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
B 1::1/128 [20/0]
via FE80::20B:FDFF:FEBA:6A40, FastEthernet0/0
B 2::2/128 [200/0]
via 1.0.0.6%Default-IP-Routing-Table, indirectly connected
C 2001:1::/64 [0/0]
via FastEthernet0/0, directly connected
L 2001:1::2/128 [0/0]
via FastEthernet0/0, receive
L FF00::/8 [0/0]
via Null0, receive
R5-PE#
R5-PE#sh ip bgp vpnv6 uni vrf Customer
BGP table version is 8, local router ID is 1.0.0.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 10.0.0.5:100 (default for vrf Customer)
*> 1::1/128 2001:1::1 0 0 1 i
*>i2::2/128 ::FFFF:1.0.0.6 0 100 0 2 i
R5-PE#show mpls forward
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 19 1.0.0.6/32 0 Fa0/1 10.0.0.2
17 Pop Label 1.0.0.4/32 0 Fa0/1 10.0.0.2
18 Pop Label 10.0.1.0/30 0 Fa0/1 10.0.0.2
19 No Label 1::1/128[V] 1026 Fa0/0 FE80::20B:FDFF:FEBA:6A40
R5-PE#
#R4-P#
R4-P#sh run
Building configuration...
Current configuration : 981 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4-P
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
memory-size iomem 15
dot11 syslog
ip source-route
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface Loopback0
ip address 1.0.0.4 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.1.2 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
ip address 10.0.0.2 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface Serial0/0/0
no ip address
shutdown
no fair-queue
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
end
R4-P#
R4-P#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
18 Pop Label 1.0.0.5/32 43595 Fa0/1 10.0.0.1
19 Pop Label 1.0.0.6/32 163416 Fa0/0 10.0.1.1
R4-P#
R4-P#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 3 subnets
O 1.0.0.5 [110/2] via 10.0.0.1, 05:30:57, FastEthernet0/1
C 1.0.0.4 is directly connected, Loopback0
O 1.0.0.6 [110/2] via 10.0.1.1, 11:54:16, FastEthernet0/0
10.0.0.0/30 is subnetted, 2 subnets
C 10.0.0.0 is directly connected, FastEthernet0/1
C 10.0.1.0 is directly connected, FastEthernet0/0
R4-P#
R4-P#sh ipv6 int brief
FastEthernet0/0 [up/up]
unassigned
FastEthernet0/1 [up/up]
unassigned
Serial0/0/0 [administratively down/down]
unassigned
SSLVPN-VIF0 [up/up]
unassigned
Loopback0 [up/up]
unassigned
R4-P#
#R6-PE#
R6-PE#sh run
Building configuration...
Current configuration : 1864 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6-PE
!
boot-start-marker
boot system flash c1841-adventerprisek9-mz.124-24.T3.bin
boot-end-marker
!
vrf definition Customer
rd 1.0.0.6:100
!
address-family ipv6
route-target export 100:100
route-target import 100:100
exit-address-family
!
logging message-counter syslog
logging buffered 160000
!
no aaa new-model
clock timezone MEZ 1
clock summer-time MESZ recurring last Sun Mar 2:00 last Sun Oct 3:00
dot11 syslog
ip source-route
!
!
!
!
ip cef
no ip domain lookup
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface Loopback0
ip address 1.0.0.6 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.1.1 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
vrf forwarding Customer
no ip address
duplex auto
speed auto
ipv6 address 2001:2::2/64
ipv6 enable
!
interface Serial0/0/0
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
router bgp 65000
no synchronization
bgp router-id 1.0.0.6
bgp log-neighbor-changes
neighbor 1.0.0.5 remote-as 65000
neighbor 1.0.0.5 update-source Loopback0
neighbor 1.0.0.5 send-community extended
no auto-summary
!
address-family vpnv6
neighbor 1.0.0.5 activate
neighbor 1.0.0.5 send-community extended
exit-address-family
!
address-family ipv6 vrf Customer
neighbor 2001:2::1 remote-as 2
neighbor 2001:2::1 activate
no synchronization
exit-address-family
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
scheduler allocate 20000 1000
end
R6-PE#
R6-PE#sh ipv6 route vrf Customer
IPv6 Routing Table - Customer - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
B 1::1/128 [200/0]
via 1.0.0.5%Default-IP-Routing-Table, indirectly connected
B 2::2/128 [20/0]
via FE80::20B:FDFF:FEF9:2101, FastEthernet0/1
C 2001:2::/64 [0/0]
via FastEthernet0/1, directly connected
L 2001:2::2/128 [0/0]
via FastEthernet0/1, receive
L FF00::/8 [0/0]
via Null0, receive
R6-PE#
R6-PE#sh ip bgp vpnv6 uni vrf Customer
BGP table version is 12, local router ID is 1.0.0.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1.0.0.6:100 (default for vrf Customer)
*>i1::1/128 ::FFFF:1.0.0.5 0 100 0 1 i
*> 2::2/128 2001:2::1 0 0 2 i
R6-PE#sh mpls forward
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
19 No Label 2::2/128[V] 1026 Fa0/1 FE80::20B:FDFF:FEF9:2101
21 18 1.0.0.5/32 0 Fa0/0 10.0.1.2
22 Pop Label 10.0.0.0/30 0 Fa0/0 10.0.1.2
23 Pop Label 1.0.0.4/32 0 Fa0/0 10.0.1.2
R6-PE#
#R2-CE#
R2-CE#sh run
Building configuration...
Current configuration : 1075 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2-CE
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
no network-clock-participate slot 1
no network-clock-participate wic 0
ip cef
!
!
!
!
!
ipv6 unicast-routing
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
no ip address
ipv6 address 2::2/128
ipv6 enable
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
ipv6 address 2001:2::1/64
ipv6 enable
!
router bgp 2
bgp router-id 1.0.0.2
bgp log-neighbor-changes
neighbor 2001:2::2 remote-as 65000
!
address-family ipv4
no neighbor 2001:2::2 activate
no auto-summary
no synchronization
exit-address-family
!
address-family ipv6
neighbor 2001:2::2 activate
network 2::2/128
exit-address-family
!
!
!
ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
!
end
R2-CE#sh ipv6 int brief
FastEthernet0/0 [administratively down/down]
FastEthernet0/1 [up/up]
FE80::20B:FDFF:FEF9:2101
2001:2::1
Loopback0 [up/up]
FE80::20B:FDFF:FEF9:2100
2::2
R2-CE#sh ipv6 route
IPv6 Routing Table - 6 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
B 1::1/128 [20/0]
via FE80::226:CBFF:FE2E:41AF, FastEthernet0/1
LC 2::2/128 [0/0]
via ::, Loopback0
C 2001:2::/64 [0/0]
via ::, FastEthernet0/1
L 2001:2::1/128 [0/0]
via ::, FastEthernet0/1
L FE80::/10 [0/0]
via ::, Null0
L FF00::/8 [0/0]
via ::, Null0
R2-CE#ping 2::2 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2::2, timeout is 2 seconds:
Packet sent with a source address of 2::2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/1/4 ms
R2-CE#
R4,R5,R6 = c1841
R1,R2 = c2610xm
Dienstag, 17. August 2010
Multicast - Sparse-Mode - Static RP - Beispielkonfiguration
Topology
#R1#
R1#sh ip int brief | excl unassig
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 10.0.0.1 YES manual up up
Loopback0 1.1.1.1 YES manual up up
R1#
R1#sh run | incl multicast
R1#
R1#sh ip route | incl 2.2.2.2
O 2.2.2.2 [110/5] via 10.0.0.2, 00:48:08, FastEthernet0/0
R1#
R1#sh run int fa 0/0
!
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.252
duplex auto
speed auto
R1#sh run int lo0
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
R1#
#SW1
SW1#sh ip int brief | excl unassi
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 10.0.0.2 YES manual up up
FastEthernet0/5 10.0.0.5 YES manual up up
FastEthernet0/19 10.0.0.13 YES manual up up
SW1#
SW1#sh run int fa 0/1
!
interface FastEthernet0/1
no switchport
ip address 10.0.0.2 255.255.255.252
ip pim sparse-mode
SW1#sh run int fa 0/5
!
interface FastEthernet0/5
no switchport
ip address 10.0.0.5 255.255.255.252
ip pim sparse-mode
SW1#sh run int fa 0/19
!
interface FastEthernet0/19
no switchport
ip address 10.0.0.13 255.255.255.252
ip pim sparse-mode
SW1#
SW1#sh ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel
Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.1), 00:06:47/stopped, RP 5.5.5.5, flags: SPF
Incoming interface: FastEthernet0/5, RPF nbr 10.0.0.6
Outgoing interface list: Null
(10.0.0.1, 239.0.0.1), 00:02:09/00:01:27, flags: FT
Incoming interface: FastEthernet0/1, RPF nbr 0.0.0.0, Registering
Outgoing interface list:
FastEthernet0/19, Forward/Sparse, 00:02:09/00:02:50, H
FastEthernet0/5, Forward/Sparse, 00:00:44/00:03:19, H
(*, 224.0.1.40), 01:33:57/00:02:04, RP 5.5.5.5, flags: SJCL
Incoming interface: FastEthernet0/5, RPF nbr 10.0.0.6
Outgoing interface list:
FastEthernet0/1, Forward/Sparse, 01:33:57/00:02:04
SW1#
SW1#sh run | incl rp
ip pim rp-address 5.5.5.5
SW1#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s): 224.0.0.0/4, Static
RP: 5.5.5.5 (?)
SW1#sh ip pim neigh
PIM Neighbor Table
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
10.0.0.14 FastEthernet0/19 01:16:25/00:01:35 v2 1 / DR S
10.0.0.6 FastEthernet0/5 00:02:08/00:01:37 v2 1 / DR S
SW1#
SW1#sh run
!
ip routing
!
ip multicast-routing
!
interface FastEthernet0/1
no switchport
ip address 10.0.0.2 255.255.255.252
ip pim sparse-mode
!
interface FastEthernet0/5
no switchport
ip address 10.0.0.5 255.255.255.252
ip pim sparse-mode
!
interface FastEthernet0/19
no switchport
ip address 10.0.0.13 255.255.255.252
ip pim sparse-mode
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
!
ip pim rp-address 5.5.5.5
!
SW1#
#R5#
R5#sh ip int brief | excl unassi
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 10.0.0.6 YES manual up up
FastEthernet0/1 10.0.0.9 YES manual up up
Loopback0 5.5.5.5 YES manual up up
R5#
R5#sh run int fa 0/0
!
interface FastEthernet0/0
ip address 10.0.0.6 255.255.255.252
ip pim sparse-mode
duplex auto
speed auto
end
R5#sh run int fa 0/1
!
interface FastEthernet0/1
ip address 10.0.0.9 255.255.255.252
ip pim sparse-mode
duplex auto
speed auto
!
R5#sh run int lo0
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
ip pim sparse-mode
!
R5#sh ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender,
Y - Joined MDT-data group, y - Sending to MDT-data group,
V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.1), 02:13:57/00:03:27, RP 5.5.5.5, flags: S
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
FastEthernet0/1, Forward/Sparse, 01:45:04/00:03:27
(10.0.0.1, 239.0.0.1), 00:00:07/00:02:52, flags:
Incoming interface: FastEthernet0/0, RPF nbr 10.0.0.5
Outgoing interface list:
FastEthernet0/1, Forward/Sparse, 00:00:07/00:03:27
(*, 224.0.1.40), 02:49:50/00:02:33, RP 5.5.5.5, flags: SJCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
FastEthernet0/0, Forward/Sparse, 00:05:32/00:02:54
FastEthernet0/1, Forward/Sparse, 02:46:48/00:02:34
Loopback0, Forward/Sparse, 02:49:50/00:02:33
R5#
R5#sh run | incl rp
ip pim rp-address 5.5.5.5
R5#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s): 224.0.0.0/4, Static
RP: 5.5.5.5 (?)
R5#sh ip pim nei
PIM Neighbor Table
Mode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,
S - State Refresh Capable
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
10.0.0.5 FastEthernet0/0 00:07:21/00:01:19 v2 1 / S
10.0.0.10 FastEthernet0/1 01:26:35/00:01:18 v2 1 / DR S
R5#
R5#sh run
!
ip cef
ip multicast-routing
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
ip pim sparse-mode
!
interface FastEthernet0/0
ip address 10.0.0.6 255.255.255.252
ip pim sparse-mode
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.0.0.9 255.255.255.252
ip pim sparse-mode
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
!
ip pim rp-address 5.5.5.5
!
R5#
#SW3#
SW3#sh ip int brief | excl una
Interface IP-Address OK? Method Status Protocol
FastEthernet0/5 10.0.0.10 YES manual up up
FastEthernet0/19 10.0.0.18 YES manual up up
SW3#
SW3#sh run int fa 0/5
Building configuration...
Current configuration : 130 bytes
!
interface FastEthernet0/5
no switchport
ip address 10.0.0.10 255.255.255.252
ip pim sparse-mode
end
SW3#sh run int fa 0/19
Building configuration...
Current configuration : 107 bytes
!
interface FastEthernet0/19
no switchport
ip address 10.0.0.18 255.255.255.252
ip pim sparse-mode
end
SW3#
SW3#sh ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel
Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.1), 01:49:10/00:02:43, RP 5.5.5.5, flags: S
Incoming interface: FastEthernet0/5, RPF nbr 10.0.0.9
Outgoing interface list:
FastEthernet0/19, Forward/Sparse, 01:49:10/00:02:43, H, A
(10.0.0.1, 239.0.0.1), 00:04:04/00:02:13, flags: PR
Incoming interface: FastEthernet0/5, RPF nbr 10.0.0.9
Outgoing interface list: Null
(*, 224.0.1.40), 01:56:47/00:03:27, RP 5.5.5.5, flags: SJCL
Incoming interface: FastEthernet0/5, RPF nbr 10.0.0.9
Outgoing interface list:
FastEthernet0/19, Forward/Sparse, 01:56:48/00:03:27
SW3#
SW3#sh run | incl rp
ip pim rp-address 5.5.5.5
SW3#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s): 224.0.0.0/4, Static
RP: 5.5.5.5 (?)
SW3#sh ip pim nei
PIM Neighbor Table
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
10.0.0.17 FastEthernet0/19 03:01:34/00:01:26 v2 1 / S
10.0.0.9 FastEthernet0/5 01:30:18/00:01:29 v2 1 / S
SW3#
SW3#sh run
!
ip routing
!
ip multicast-routing
!
interface FastEthernet0/5
no switchport
ip address 10.0.0.10 255.255.255.252
ip pim sparse-mode
!
interface FastEthernet0/19
no switchport
ip address 10.0.0.18 255.255.255.252
ip pim sparse-mode
!
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
!
ip pim rp-address 5.5.5.5
!
SW3#
#SW4#
SW4#sh ip int brief | excl unassi
Interface IP-Address OK? Method Status Protocol
FastEthernet0/13 10.0.0.14 YES manual up up
FastEthernet0/16 10.0.0.21 YES manual up up
FastEthernet0/19 10.0.0.17 YES manual up up
SW4#
SW4#sh run int fa 0/13
!
interface FastEthernet0/13
no switchport
ip address 10.0.0.14 255.255.255.252
ip pim sparse-mode
end
SW4#sh run int fa 0/16
!
interface FastEthernet0/16
no switchport
ip address 10.0.0.21 255.255.255.252
ip pim sparse-mode
!
SW4#sh run int fa 0/19
!
interface FastEthernet0/19
no switchport
ip address 10.0.0.17 255.255.255.252
ip pim sparse-mode
end
SW4#
SW4#sh ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel
Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.1), 01:53:04/00:02:54, RP 5.5.5.5, flags: S
Incoming interface: FastEthernet0/19, RPF nbr 10.0.0.18
Outgoing interface list:
FastEthernet0/16, Forward/Sparse, 01:53:04/00:02:54, H
(10.0.0.1, 239.0.0.1), 00:08:09/00:03:24, flags: T
Incoming interface: FastEthernet0/13, RPF nbr 10.0.0.13
Outgoing interface list:
FastEthernet0/16, Forward/Sparse, 00:08:09/00:02:54, H
(*, 224.0.1.40), 03:09:40/00:02:35, RP 5.5.5.5, flags: SJL
Incoming interface: FastEthernet0/19, RPF nbr 10.0.0.18
Outgoing interface list:
FastEthernet0/16, Forward/Sparse, 01:53:05/00:02:38
SW4#
SW4#sh run | incl multicast
ip multicast-routing
SW4#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s): 224.0.0.0/4, Static
RP: 5.5.5.5 (?)
SW4#sh ip pim nei
SW4#sh ip pim neighbor
PIM Neighbor Table
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
10.0.0.18 FastEthernet0/19 03:05:31/00:01:26 v2 1 / DR S
10.0.0.13 FastEthernet0/13 01:29:16/00:01:39 v2 1 / S
10.0.0.22 FastEthernet0/16 02:12:26/00:01:27 v2 1 / DR S
SW4#
SW4#sh run
!
ip multicast-routing
!
!
interface FastEthernet0/13
no switchport
ip address 10.0.0.14 255.255.255.252
ip pim sparse-mode
!
interface FastEthernet0/16
no switchport
ip address 10.0.0.21 255.255.255.252
ip pim sparse-mode
!
interface FastEthernet0/19
no switchport
ip address 10.0.0.17 255.255.255.252
ip pim sparse-mode
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
ip pim rp-address 5.5.5.5
!
SW4#
#SW2#
SW2#sh ip int brief | excl assi
Interface IP-Address OK? Method Status Protocol
FastEthernet0/2 10.0.0.25 YES manual up up
FastEthernet0/19 10.0.0.22 YES manual up up
SW2#
SW2#sh run int fa0/2
Building configuration...
Current configuration : 106 bytes
!
interface FastEthernet0/2
no switchport
ip address 10.0.0.25 255.255.255.252
ip pim sparse-mode
end
SW2#sh run int fa0/19
Building configuration...
Current configuration : 107 bytes
!
interface FastEthernet0/19
no switchport
ip address 10.0.0.22 255.255.255.252
ip pim sparse-mode
end
SW2#
SW2#sh ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel
Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.1), 02:15:16/stopped, RP 5.5.5.5, flags: SJC
Incoming interface: FastEthernet0/19, RPF nbr 10.0.0.21
Outgoing interface list:
FastEthernet0/2, Forward/Sparse, 00:00:35/00:02:46, H
(10.0.0.1, 239.0.0.1), 00:11:51/00:02:58, flags: JT
Incoming interface: FastEthernet0/19, RPF nbr 10.0.0.21
Outgoing interface list:
FastEthernet0/2, Forward/Sparse, 00:00:35/00:02:46, H
(*, 224.0.1.40), 02:15:54/00:02:54, RP 5.5.5.5, flags: SJPCL
Incoming interface: FastEthernet0/19, RPF nbr 10.0.0.21
Outgoing interface list: Null
SW2#
SW2#sh run | incl multi
ip multicast-routing
SW2#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s): 224.0.0.0/4, Static
RP: 5.5.5.5 (?)
SW2#sh ip pim neigh
PIM Neighbor Table
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
10.0.0.21 FastEthernet0/19 02:15:52/00:01:42 v2 1 / S
SW2#
SW2#sh run
!
ip routing
!
ip multicast-routing
!
interface FastEthernet0/2
no switchport
ip address 10.0.0.25 255.255.255.252
ip pim sparse-mode
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
ip pim rp-address 5.5.5.5
!
SW2#
#R2#
R2#sh ip int brief | excl unassi
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 10.0.0.26 YES manual up up
Loopback0 2.2.2.2 YES manual up up
R2#
R2#sh run int lo0
Building configuration...
Current configuration : 63 bytes
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
end
R2#sh run int fa 0/0
Building configuration...
Current configuration : 126 bytes
!
interface FastEthernet0/0
ip address 10.0.0.26 255.255.255.252
ip igmp join-group 239.0.0.1
duplex auto
speed auto
end
R2#
R2#sh run | incl multicast
R2#
R2#sh run
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 10.0.0.26 255.255.255.252
ip igmp join-group 239.0.0.1
duplex auto
speed auto
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
R2#
Redundanz-Test (disablen SW1 fa0/5)
Hier ist noch ein Trace-File vom PIMv2-Register/Register-Stop vom SW1 zum RP (R5), nachdem SW1 fa0/5 zum Redundanz-Test disabled wurde. Danach geht der Multicast-Flow ohne Encapsulation durch.
Damit der Traffic-Flow analog dem Schaubild läuft ist natürlich ein "ip pim spt-threshold infinite" notwendig, um den ShortestPathTree zu vermeiden.
Montag, 16. August 2010
Dumbass Mistakes (2) - No input access group defined
#Topology# : Router1 fa0/13 <----------------> Router2 fa0/13
#Symptom# : Kein Access auf Device
Router2#telnet 10.0.0.1
Trying 10.0.0.1 ... Open
User Access Verification
Username: c
Password:
No input access group defined for FastEthernet0/13.
[Connection to 10.0.0.1 closed by foreign host]
Router2#
#Resolution# : Auf line vty lag noch ein autocommand von der IN_E Konfig.Access-Enable ist ein lock-and-key feature. Wenn das Feature genutzt werden soll.
Muss auf Fa0/13 eine dynamische Inbound-ACL gebunden werden, diese schaltet dann den Telnet-Zugriff frei. Also entweder passende dynamic-ACL für Mgmt oder disablen.
Router1#sh run | begin line vty
line vty 0
privilege level 15
password c
login local
autocommand access-enable host timeout 10
transport input telnet
Router1(config)#line vty 0
Router1(config-line)#no autocommand
Multicast - Implementing Multicast (MCAST V1.0) - PIM SSM (7)
- delivery modell for one-to-many distribution
- allows immediate use of shortest forwarding path to a specific source, without need to create shared tree
- only source-specific multicast distribution trees (not shared trees) are created
- RFC 3569
- IGMP Version 3 supports source filtering, which is required for SSM
- SSM must be supported by host, router and application
- receivers must subscribe or unsubscribe to (S, G) channels to receive or not receive traffic from specific sources
- does not require an RP, so there is no need for an RP mechanism such as Auto-RP, MSDP, or bootstrap router (BSR).
- IGMPv3 is used by host, to receive traffic only from specific sources
- only last-hop-router needs to be SSM capable
- you must use sparse-mode on
PIM SSM Configuration
Router1(config)#ip multicast-routing
Router1(config)#ip pim ssm default ! for all groups
Router1(config)#ip pim ssm range ACL123 ! for specifig groups
Router1(config-if)# ip igmp version 3 ! enable IGMP v3 on interface
Have a look at Cisco IOS Multicast Configuration GuideMulticast - Implementing Multicast (MCAST V1.0) - PIM Bi-Dir (6)
- idea:use the sam tree for traffic from sources toward RP an from RP to receivers
- benefits: less states in routers (many sources for the same group produce one (*,G) only
- traffic forwarded natively (hop-by-hop) toward RP rather than registered (designated forwarders)
- initally routers responsible for sending (*,G) Joins toward RP and routers responsible for forwarding group traffic toward RP have to identify the group as bidir
- DF (designated forwarder) Router on the Link with the best unicast route to RP
- DF for a particular BiDir PIM group exists on every link within a PIM domain (also p2p)
- Receiver join toward RP
* no changes, PIM SM (*,G) joins are forwarded by last-hop designated router toward RP serving the group.
- when router receives join for bidir group it must determine if it is the DF on the link, if it is DF, it follows normal (*,G) join procedure otherwise discard the join
Designated Forwarder Election
- elets the router on the link with the best paths to the RP
- ensures all routers on link have a consistent view
- unicast routing metrics used to decide between paths through different routers
- DF Election Messages
* Offer - used to advertise local metrics to reach the RP
* Winner - used by DF to announcing its status
* Backoff - used by DF upon receipt of a better Offer
* Pass - used by DF to pass DF responsiblity to better candidate
-DF dies : downstream router will notice a change in the RPF provided by unicast routing
-DF advantages
* enforces a single forwarder for traffic in both directions between a link and the rp
* responsible for originating joins for local receivers
* eliminating loops that were previously possible because of DR placement
Configuring PIM-bidir (BSR)
Router1(config)#ip pim bidir-enable
Router1(config)#ip access-list standard ACL123
Router1(config-std-nacl)#permit host 239.0.0.1
Router1(config)#ip pim rp-candidate Loopback0 group-list ACL123 bidir
!239.0.0.1 as PIM-SM-Bidir, deny ip any any -> PIM DM
Router1(config)#ip pim bsr-candidate Loopback0 4
Note:By default a bidirectional RP advertises all groups as bidirectionaConfiguring PIM-bidir (AutoRP)
Router1(config)#ip pim bidir-enable
Router1(config)#ip access-list standard ACL123
Router1(config-std-nacl)#permit host 239.0.0.1
Router1(config)#ip pim send-rp-announce Loopback0 scope 10 group-list ACL123 bidir
!239.0.0.1 as PIM-SM-Bidir, deny ip any any -> PIM DM
Look if AutoRP is running
Router1#sh ip pim autorp
AutoRP Information:
AutoRP is enabled.
Router1#
Also see Cisco IOS Multicast Configuration Guide
Multicast - Implementing Multicast (MCAST V1.0) - PIM SM (5)
- RFC 2362
- explicit join behavior
* Receivers join RP
* Source regsiter with RP
- RPF Check
* shortest tree uses RP address
* Source tree uses multicast source address
- one RP for a group
- RP statically configured or dynamic (AutoRP, PIMv2 BSR)
PIM-SM Sender Registration
- first-hop-source-router register (with unicast) with RP
- RP sends joins to the source to build SPT from source to RP
- when RP receiving multicast traffic from the source it sends a PIM register-stop message to the firt-hop-source-router
PIM SM SPT Switchover
- PIM has the capability to bypass RP when traffic rate is above configured threshold (default 0)
PIM SM v2 packets
- PIM Hello / PIM Query in PIMv1
- PIM Join / Prune (prunes used to cut off traffic)
- PIM Register / Register Stop
- Rendevouz Point announcement
* Bootstrap mechanism PIM Boostrap and Candidate-RP-advertisement
* Auto-RP mechanism, cisco-announce and Cisco-Discovery /Cisco addition to PIMv1)
* RP-reachability (Cisco-specific)
PIM Neighbor Discovery
- 224.0.0.13 - PIMv2 Hellos every 30 sec
- 224.0.0.2 - PIMv1 Queries
- DR election, responsible for join, register on multiaccess networks
- PIM State
* used to make multicast traffic forwarding decision
* (*,G) and (S,G) entries
- each entry contains RPF infos
- each entry contains OIL (outgoing interface list
PIM SM State Rules
- (*,G) creation - receipt of a join or IGMP report, reflects default group forwarding, deletion when OIL = nll and no (S,G) exists
- (S,G) creation - by receipt of (S,G) join or Prune, by receipt of traffic from directyl connected, OIL=copy of (*,G) minus IIF, deletion by timeout)
PIM SM State Flags
- S=Sparse Mode, C=directly connected Host, L=Local Router, P=Pruned (all interfaces in OIL=pruned), T=Forwarding in SPT, J=Join SPT (if SPT-Threshold exceeded),F=Register,R=RP bit
PIM SM Joining
- senders begin sourcing multicast traffic
- first-hop-router unicasts register to RP
- RP sends (S,G) join toward source/first hop router
PIM SM Configuration
Enabling Multicast-Routing
Router1(config)#ip multicast-routing
Enabling Sparse-Mode on Interface | Sparse-Dense-Mode (mixed)
Router1(config-if)#ip pim sparse-mode | ip pim sparse-dense-mode
Threshold for SPT Switchover
Router1(config)#ip pim spt-threshold 200 group-list 1
Never switchover to SPT
Router1(config)#ip pim spt-threshold infinity
Set Rendevouz Point (RP) (override = override dynamic learned RP)
Router1(config)#ip pim rp-address 3.3.3.3 [override]
Show RPs and Group-to-RP-Mappings
Router1#show ip pim rp
Group: 239.0.0.1, RP: 3.3.3.3, next RP-reachable in 00:00:13
Group: 224.0.1.40, RP: 3.3.3.3, next RP-reachable in 00:00:13
Router1#show ip pim rp map
Router1#show ip pim rp mapping
PIM Group-to-RP Mappings
Acl: 3, Static
RP: 150.1.3.3 (?)
Acl: 4, Static
RP: 150.1.4.4 (?)
Group(s): 224.0.0.0/4, Static-Override
RP: 3.3.3.3 (?)
Router1#
Show all PIM neighbors
Router1#show ip pim neighbor
PIM Neighbor Table
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
10.0.0.2 FastEthernet0/13 00:01:32/00:01:40 v2 1 / DR S
Router1#
Show all PIM-configured interfaces
Router1#show ip pim interface
Address Interface Ver/ Nbr Query DR DR
Mode Count Intvl Prior
3.3.3.3 Loopback0 v2/S 0 30 1 3.3.3.3
10.0.0.1 FastEthernet0/13 v2/S 1 30 1 10.0.0.2
Router1#
Debugging see PIM-DM-Blog-entry....
Sonntag, 15. August 2010
Eigenes Lab (2)
Ich habe mich nun doch entschieden auf die 3560 zu verzichten und hab bei Ebay zwei 3550 für 450 Euro geschossen.
Jetzt fehlt mir nur noch ein kleiner BB2(2500),7 x CAB60-Kabel und der R6 (1841).
Kommt aber alles im Laufe der Woche.
Topology ist ähnlich der IN_E, bei meiner Topology hat jedoch jeder Router 2 FastEthernet-Beine.
Topology:
Topology (Frame Relay):
Rackbilder:
Jetzt fehlt mir nur noch ein kleiner BB2(2500),7 x CAB60-Kabel und der R6 (1841).
Kommt aber alles im Laufe der Woche.
Topology ist ähnlich der IN_E, bei meiner Topology hat jedoch jeder Router 2 FastEthernet-Beine.
Topology:
Topology (Frame Relay):
Rackbilder:
Freitag, 13. August 2010
Protokolle / Wireshark / PCAPs / Dumps
Hab mir mal die Mühe gemacht, PCAPs verschiedener Protokolle zu erstellen.
Die Section wird noch wachsen...
OSPF Hello (IPv4)
EIGRP Hello (IPv4)
RIP Version 2 Response (Broadcast) - "ip rip v2-broadcast" auf dem Interface
RIP Version 2 Request (Broadcast) - "ip rip v2-broadcast" auf dem Interface
RIP Version 2 Request (Multicast)
RIP Version 2 Response (Unicast) - "neighbor x.x.x." unter "router rip"
RIP Version 1 Response (Broadcast)
RIP Version 1 Request (Broadcast)
PIMv1 Join Prune
PIMv1 Query
PIMv1 Query (Dense)
PIMv1 Query (Sparse)
PIMv1 RP-reachable
PIMv2 Hello
PIMv2 Bootstrap announcement (BSR)
PIMv2 Register/Register-Stop-normaler MC Flow
PIMv2 Register
PIMv2 Register-Stop
IGMPv1 Membership Report
IGMPv2 Membership Query (general)
IGMPv2 Membership Join AutoRP
IGMPv2 Membership Join Group
IGMPv2 Leave Group
IGMPv3 Membership Query (group-specific)
IGMPv3 Membership Query (general)
CGMP (inital to inform switch that there's a MC router)
CGMP-Join
Telnet
CDP (Cisco 3550)
LDP (Label Distribution Protocol)
Spanning-Tree BPDU (Bridge Protocol Data Unit)
Spanning-Tree BPDU + TC Flag (Topology Change)
Rapid Spanning-Tree BPDU
Rapid Spanning Tree BPDU + TC Flag
DTP (Dynamic Trunking Protocol)
HSRP (Hot Standby Router Protocol)
Die PCAPs dürfen nur zu Studienzwecken genutzt werden. Eine Veröffentlichung auf eigenen Seiten,Blogs etc. ist nicht erlaubt.
Die Section wird noch wachsen...
OSPF Hello (IPv4)
EIGRP Hello (IPv4)
RIP Version 2 Response (Broadcast) - "ip rip v2-broadcast" auf dem Interface
RIP Version 2 Request (Broadcast) - "ip rip v2-broadcast" auf dem Interface
RIP Version 2 Request (Multicast)
RIP Version 2 Response (Unicast) - "neighbor x.x.x." unter "router rip"
RIP Version 1 Response (Broadcast)
RIP Version 1 Request (Broadcast)
PIMv1 Join Prune
PIMv1 Query
PIMv1 Query (Dense)
PIMv1 Query (Sparse)
PIMv1 RP-reachable
PIMv2 Hello
PIMv2 Bootstrap announcement (BSR)
PIMv2 Register/Register-Stop-normaler MC Flow
PIMv2 Register
PIMv2 Register-Stop
IGMPv1 Membership Report
IGMPv2 Membership Query (general)
IGMPv2 Membership Join AutoRP
IGMPv2 Membership Join Group
IGMPv2 Leave Group
IGMPv3 Membership Query (group-specific)
IGMPv3 Membership Query (general)
CGMP (inital to inform switch that there's a MC router)
CGMP-Join
Telnet
CDP (Cisco 3550)
LDP (Label Distribution Protocol)
Spanning-Tree BPDU (Bridge Protocol Data Unit)
Spanning-Tree BPDU + TC Flag (Topology Change)
Rapid Spanning-Tree BPDU
Rapid Spanning Tree BPDU + TC Flag
DTP (Dynamic Trunking Protocol)
HSRP (Hot Standby Router Protocol)
Die PCAPs dürfen nur zu Studienzwecken genutzt werden. Eine Veröffentlichung auf eigenen Seiten,Blogs etc. ist nicht erlaubt.
Donnerstag, 12. August 2010
Dumbass Mistakes (1) - Keine Labels für Global-Routing-Table Prefixe
#Topology#
#Symptom# : Keine Outgoing Labels für Prefixe innerhalb der Global-Routing-Table
test
Symptom : Kein Outgoing Label für PE2's Loopback
PE2#sh ip route | incl 10.0.0.1/32
O 10.0.0.1/32 [110/3] via 10.2.2.1, 1d17h, FastEthernet1/0
PE2#
PE2#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 No Label 10.0.0.1/32 0 Fa1/0 10.2.2.1
17 No Label 10.0.0.10/32 0 Fa1/0 10.2.2.1
18 No Label 10.1.1.0/30 0 Fa1/0 10.2.2.1
20 Pop Label 22::22/128 0 aggregate
PE2#
#Resolution# Auf dem P Router-Interface (fa1/0) in Richtung PE1 kein "mpls ip" konfiguriert. Kein durchgängiger LSP (Label Switch Path)
test
PE2#sh ip route | incl 10.0.0.1/32
O 10.0.0.1/32 [110/3] via 10.2.2.1, 1d17h, FastEthernet1/0
PE2#
PE2#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 16 10.0.0.1/32 0 Fa1/0 10.2.2.1
17 Pop Label 10.0.0.10/32 0 Fa1/0 10.2.2.1
18 Pop Label 10.1.1.0/30 0 Fa1/0 10.2.2.1
20 Pop Label 22::22/128 0 aggregate
PE2#
Multicast - Implementing Multicast (MCAST V1.0) - PIM DM (4)
- push modell, traffic is initially flooded to all PIM neighbors
- multicast forwarding state is created at arrival of data (data driven)
- if source goes down -> the tree torn down
- PIM DM assumes that listeners are "densely" (dicht gedrängt) populated
- after initial flooding, branches with no group members send prune message (Router resets prune timer every 3 mins and starts flooding again)
- (S,G) state is created by the arrival of (S,G) multicast traffic
- (S,G) state is deleted when sources goes inactive and no multicast traffic is received by the router for 3 minutes
- control (control messages) and data plane (multicast traffic forwarding) are the same
- Grafts to reduce join latency when a branch was pruned -> if no graft -> have to wait up to 3 mins (initial flooding)
- Asserts - determine forwarder on multiaccess LANs
- Prunes on non-RPF p2p links
- Asserts on non-RPF multiaccess links
PIM Packets
- PIM hello, join/prune, graft/graft back, assert
- PIMv1 uses IGMP (Type 0x14)
- PIMv2 uses IP packets (protocol ID 103)
PIM Packet header
0-3 bits - PIM Ver
4-7 bits - Type
8-15 bits - Reserved (set to zero)
16-31 bits - Checksum
Encoded-Unicast Address (e.g. in a PIM join)
0-7 bits - Address Family (IPv4,IPv6)
8-15 bits - Encoded Type used within Address Family
16-23 bits - Reserved
24-31 bits - Mask Length
32-63 bits - Unicast Address
Encoded-Group-Address
0-7 bits - Address Family
8-15 bits - Encoded Type used within Address Family
16-23 bits - Reserved
24-31 bits - Group Multicast Address
Encoded-Source-Address
0-7 bits - Address Family
8-15 bits - Encoded Type used within Address Family
16-20 bits - Reserved
21 bit - Sparse bit
22 bit - Wildcard bit (1 Join/Prune applies to (*,G), 0 Join/prune applies to (S,G)
23 bit - RPT-bit (1 (S,G) info sent toward S, 0 (S,G) info sent toward RP)
-Packets
* Hellos
* Join / Prune
* Graft / Graft ACK
* Assert
PIM Neighbor Discovery
* PIMv2 Hellos (224.0.0.13 - all PIM Router) - 30 sec
* PIMv1 queries to 224.0.0.2 (all-routers)
* on multiaccess DR election (highest IP) - responsible fpr all join and Requests to RP
show ip pim neighbor
test
PIM Neighbor Table
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
10.0.0.2 FastEthernet0/13 00:00:25/00:01:19 v2 1 / DR S
Router1#
show ip mroutetest
Router1#sh ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel
Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.1), 00:00:30/stopped, RP 0.0.0.0, flags: DL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
FastEthernet0/13, Forward/Dense, 00:00:30/00:00:00
(10.0.0.2, 239.0.0.1), 00:00:30/00:02:55, flags: PLT
Incoming interface: FastEthernet0/13, RPF nbr 0.0.0.0
Outgoing interface list: Null
(*, 224.0.1.40), 00:07:02/00:02:55, RP 0.0.0.0, flags: DCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
FastEthernet0/13, Forward/Dense, 00:03:46/00:00:00
Vlan7, Forward/Sparse-Dense, 00:07:02/00:00:00
Router1#
Note:224.0.1.40 = Cisco AutoRP Discovery Group (on by default)(*,G), (S,G) entries
RPF information (incoming RPF)
RPF neighbor (upstream
OIL (outgoing interface list)
(*,G) created automatically, reflects PIM neighbor adjacency
(S,G) must always have a (*,G) created by multicast data arrival
PIMG DM Sate Flag
D=Dense, C=directly connected, L=Local Router, P=Pruned, T=Forwarding via SPT, J=Join SPT
PIM DM Forwarding
-DM interfaces placed in (*,G) oillist
-(S,G) entries get a copy of (*S,G) minus incoming interface
-PIM DM Prune Delay on Multiaccess (3 Sec)
-PIM DM Grafting
-PIM DM Assert Mechanism
PIM DM Optimization
- State-Refresh-Option (stay pruned)
- eliminates periodic flooding
- improve recovery
- first-hop router sends State-Refresh for each (S,G)
PIM DM Configuration
Multicast-Routing einschalten
Router2(config)#ip multicast-routing
PIM Dense-Mode einschalten
Router2(config-if)#ip pim dense-mode
displays PIM-configured interfaces
Router1#show ip pim interface
Address Interface Ver/ Nbr Query DR DR
Mode Count Intvl Prior
10.0.0.1 FastEthernet0/13 v2/D 1 30 1 10.0.0.2
Router1#
mrinfo - queries what neighbor multicast routers are peering with local router
Router1#mrinfo 10.0.0.1
10.0.0.1 [version 12.2] [flags: PMA]:
10.0.0.1 -> 10.0.0.2 [1/0/pim]
Router1#
RPF-Check
Router1#show ip rpf 10.0.0.1
RPF information for ? (10.0.0.1)
RPF interface: FastEthernet0/13
RPF neighbor: ? (10.0.0.1)
RPF route/mask: 10.0.0.0/24
RPF type: unicast (connected)
RPF recursion count: 0
Doing distance-preferred lookups across tables
Router1#
multicast related information
Router1#show ip igmp interface
FastEthernet0/13 is up, line protocol is up
Internet address is 10.0.0.1/24
IGMP is enabled on interface
Current IGMP host version is 2
Current IGMP router version is 2
IGMP query interval is 60 seconds
IGMP querier timeout is 120 seconds
IGMP max query response time is 10 seconds
Last member query count is 2
Last member query response interval is 1000 ms
Inbound IGMP access group is not set
IGMP activity: 1 joins, 0 leaves
Multicast routing is enabled on interface
Multicast TTL threshold is 0
Multicast designated router (DR) is 10.0.0.2
IGMP querying router is 10.0.0.1 (this system)
Multicast groups joined by this system (number of users):
224.0.1.40(1)
display directly connected multicast groups
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter
239.0.0.1 Loopback0 00:17:10 stopped 150.1.7.7
224.0.1.40 FastEthernet0/13 00:19:57 00:02:35 10.0.0.1
Router1#
debug ip mrouting
Router1#debug ip mrouting
IP multicast routing debugging is on
Router1#
00:25:46: MRT(0): Set 'L' flag for (*, 239.0.0.1)
00:25:46: MRT(0): Create (*,239.0.0.1), RPF /0.0.0.0
00:25:46: MRT(0): WAVL Insert interface: FastEthernet0/13 in (* ,239.0.0.1) Successful
00:25:46: MRT(0): Add FastEthernet0/13/239.0.0.1 to the olist of (*, 239.0.0.1), Forward state - MAC not built
00:25:46: MRT(0): RPF lookup for 10.0.0.2[0.0.0.0] (10.0.0.2) returned FastEthernet0/13 10.0.0.2
00:25:46: MRT(0): Set 'L' flag for (10.0.0.2, 239.0.0.1)
00:25:46: MRT(0): Create (10.0.0.2,239.0.0.1),
Router1#RPF FastEthernet0/13/0.0.0.0
debug ip mpacket
Router1#debug ip mpacket
IP multicast packets debugging is on
Router1#
00:26:34: IP(0): s=10.0.0.2 (FastEthernet0/13) d=239.0.0.1 id=3, ttl=254, prot=1, len=118(100), mroute olist null
Router1#
debug ip pim
Router1#debug ip pim
IP multicast packets debugging is on
Router1#
00:28:45: PIM(0): Update FastEthernet0/13/10.0.0.2 to (*, 224.0.1.40), Forward state, by PIM *G Join
00:28:45: PIM(0): Changing DR for FastEthernet0/13, from 0.0.0.0 to 10.0.0.2
00:28:45: PIM(0): Building Graft message for 224.0.1.40, FastEthernet0/13: no entries
00:28:46: PIM(0): Check DR after interface: FastEthernet0/13 came up!
Router1#
Multicast - Implementing Multicast (MCAST V1.0) - Multicast at Layer 2 (3)
IP Multicasting at Layer 2
multicast IP mapped to MAC address
L3 addressing
* IP-Class-D - 224.0.0.0 to 239.255.255.255
* high-order bits "1110" (224.0.0.0/4)
* special group with TTL=1 (link local)
o 224.0.0.1 - all systems
o 224.0.0.2 - all routers
o 224.0.0.4 - DVMRP routers
o 224.0.0.5 - all OSPF Routers
o 224.0.0.6 - all OPSF DRs
o 224.0.0.13 - PIMv2 router
L2 addressing
<---------32bits-IP------------>
<-5bits->
<-24bits-OUI-01-00-5e-->0<-23bits-low-order-IP->
<-----------------48bit-Multicast-MAC---------->
CGMP (Cisco Group Message Protocol)
CGMP packets send by router
0100.0cdd.dddd - CGMP MAC
Router = CGMP Server / Switch = CGMP Client
Ver 4bits, Type 4bits (0000 join - 0001 leave), Reserved 2bits (00), Count (1 byte - Anzahl GDA/USA), GDA 6byte / 6byte USA
GDA = Group destination address
USA = unicast source address
IGMP snooping
switches become IGMP aware, examines the IGMP payload
because routers do not send IGMP reports flooding on router-only-switched network
GMRP (GARP Mulicast Registration Protoco)
runs on hosts and switches
hosts protocol stack must support it
RGMP (Router Group Management Protocol) - RFC3488
allows per port forwarding in router-only-switched networks
Routers send RGMP hellos on (224.0.0.25)
Switch learns about multicast routers
no traffic to directly connected receives -> restricted to IGMP snooping
RGMP routers send (*,G) joins for a group
RGMP switch forwards only groups router needs
multicast IP mapped to MAC address
L3 addressing
* IP-Class-D - 224.0.0.0 to 239.255.255.255
* high-order bits "1110" (224.0.0.0/4)
* special group with TTL=1 (link local)
o 224.0.0.1 - all systems
o 224.0.0.2 - all routers
o 224.0.0.4 - DVMRP routers
o 224.0.0.5 - all OSPF Routers
o 224.0.0.6 - all OPSF DRs
o 224.0.0.13 - PIMv2 router
L2 addressing
<---------32bits-IP------------>
<-5bits->
<-24bits-OUI-01-00-5e-->0<-23bits-low-order-IP->
<-----------------48bit-Multicast-MAC---------->
transmission of 24-01-00-5e-bits + 0 (25th) + 23 low-order-IP-bits = 48 bit Multicast MAC
Be-Aware 32:1 overlap
224.10.0.1
11100000.00001010.00000000.00000001 - 226.10.0.1
11100010.00001010.00000000.00000001
- 236.138.0.1
11100110.10001010.00000000.00000001
= 01-00-53-0a-00-01
L2 Multicast Frame Switching
typical switches treat multicast as unknown or broadcast -> flood on every port
static entries which ports receive which ports
dynamic configuration
Multicast Layer-2 Switching Solutions
- CGMP ( Cisco Group Message Protocol) simple,proprietary, routers and switches
- IGMP snooping (Internet Group Message Protocol Snooping) - complex, standard, proprietary implement, switches only, L3-aware switches
- GMRP (GARP Mulicast Registration Protocol) - standarized, not widely available, swithces and hosts, L2 protocol
- RGMP (Router port Group Management Protocol) - simple, proprietary, routers and switches
CGMP packets send by router
0100.0cdd.dddd - CGMP MAC
Router = CGMP Server / Switch = CGMP Client
Ver 4bits, Type 4bits (0000 join - 0001 leave), Reserved 2bits (00), Count (1 byte - Anzahl GDA/USA), GDA 6byte / 6byte USA
GDA = Group destination address
USA = unicast source address
IGMP snooping
switches become IGMP aware, examines the IGMP payload
because routers do not send IGMP reports flooding on router-only-switched network
GMRP (GARP Mulicast Registration Protoco)
runs on hosts and switches
hosts protocol stack must support it
RGMP (Router Group Management Protocol) - RFC3488
allows per port forwarding in router-only-switched networks
Routers send RGMP hellos on (224.0.0.25)
Switch learns about multicast routers
no traffic to directly connected receives -> restricted to IGMP snooping
RGMP routers send (*,G) joins for a group
RGMP switch forwards only groups router needs
Mittwoch, 11. August 2010
Multicast - Implementing Multicast (MCAST V1.0) - IGMP (2)
Um Traffic einer Multicast-Gruppe zu bekommen muss man am Next-Hop-Router per IGMP (Internet Group Message Protocol) der Gruppe joinen...
IGMP - Internet Group Message Protocol (RFC1112, RFC2236 (v2))
the way hosts tell routers about membership to a multicast group
IGMP v1
Hosts sends a Membership Report
IGMPv2 Querier Election
all routers send query, lowest IP wins
IGMPv2 Maintaining group membership
only one host per group per subnet reports the membership (other host suppress) -> countdown timer)
IGMPv2 Leave Group
one host leaves group (Leave Message)
Router sends Group-specific Query
remaining host sends Report
Group remains active
last router leaves
Router stops forwarding traffic for that group/multicast address
If IGMPv2/v1 router in same segment "ip igmp version 1" must be configured
IGMP - Internet Group Message Protocol (RFC1112, RFC2236 (v2))
the way hosts tell routers about membership to a multicast group
IGMP v1
- Membership Query (TTL=1, sent by Router)
- joining a group : IGMP v1 Type 0x2 Report (by a Host/PC)
- periodic router queries to 224.0.0.1 (all-hosts-multicast-address)
- leaving group silently, group membership times out
- Group specific query - Router sends Group Specific Query to make sure no listener active
- Leave Group Message - hosts can leave a group (reduce leave latency)
- Query election - lowest IP, only router who sends queries
- Query interval response time - time within a host must respond
- Type 8bit - 0x11 Membership Query, 0x12 Version 1 Membership Report, 0x16 Version 2 Membership Report, 0x17 Leave Group
- Max. Response Time : Def:10 sec (in 1/10 sec)
- Checksum 16bit
- Group Address 32bit
Hosts sends a Membership Report
IGMPv2 Querier Election
all routers send query, lowest IP wins
IGMPv2 Maintaining group membership
only one host per group per subnet reports the membership (other host suppress) -> countdown timer)
IGMPv2 Leave Group
one host leaves group (Leave Message)
Router sends Group-specific Query
remaining host sends Report
Group remains active
last router leaves
Router stops forwarding traffic for that group/multicast address
If IGMPv2/v1 router in same segment "ip igmp version 1" must be configured
Multicast - Implementing Multicast (MCAST V1.0) - Introduction (1)
Da nun das IPv6 Multicast Chapter kommt und mir derzeit noch die Multicast Grundlagen fehlen. Geht es weiter mit dem "Implementing Multicast (MCAST 1.0)"
Multicast Routing Protocols
Dense-Mode Protocols
Interdomain Multicast Routing
no standarized protocol
BGMP - Border Gateway Multicast Protocol - development
MBGP/MSDP - Multiprotocol BGP/Multicast Source Discovery Protocol - working solution
MSDP connects PIM SM domains
MBGP - multicast RPF NLRI (checking the source)
unicast NLRI (routing)
MSDP allows RPs (Rendevouz Points) in one domain to annouce their sources to other domains using Source Active (SA) Messages
Multicast Routing Protocols
- dense-mode : push model, flood traffic then prune (all 180 sec)
- sparse-mode : pull model, explicit join behavior
- PIM SM - Protocol Independent Multicast Sparse Mode, supports source, shared trees,pull model, uses RP (rendevouz point) RFC 2362, large scale, optimizations : Bi-directional mode, SSM (source-specific), PROS: traffic to only those who joined, dynamic switch to optimal path, unicast routing protocol independent, basis for interdomain (M-BGP,MSDP)
- DVMRP (v1 obsolet, v2 used on MBONE)
- MOSPF (Multicast OSPF) - uses OSPF LSAs
- CBT (Core Based Trees) - RFC2189 - like PIM - PROS:distribution tree bidirectional, CONS: experimental
Dense-Mode Protocols
- PIM DM - Protocol Independent Multicast Dense Mode, underlying unicast routing for RPF checks, flood and prune ( every 3 mins, 180 sec), designated forwarder on multiaccess networks, non-RPF-flows during inital flooding (discard), prune upstream if no downstream listener, Assert Message stops duplicates on multiaccess networks by comparing distance and metric if router receives (S,G)-packet on OIL (outgoing interface list) -> tie breaker highest IP wins, PRO : easy implement, simple flood and prune mechanism, CONS:inefficient flood and prune
- DVMRP Source Tree - on Multiaccess Networks only one forwarder -> designated Router (highest IP),
- MOSPF - Multicast Info included in OSPF LSAs, Group Membership flooded through OSPF Domain, Dijkstra on every change, scalability problems
Interdomain Multicast Routing
no standarized protocol
BGMP - Border Gateway Multicast Protocol - development
MBGP/MSDP - Multiprotocol BGP/Multicast Source Discovery Protocol - working solution
MSDP connects PIM SM domains
MBGP - multicast RPF NLRI (checking the source)
unicast NLRI (routing)
MSDP allows RPs (Rendevouz Points) in one domain to annouce their sources to other domains using Source Active (SA) Messages
IPv6 - Konfigurations-Beispiele - BGP Peering
Die ersten IPv6-Konfigs und Tests, hauptsächlich im GNS3 auf 7200er Plattform
Topology
1. BGP-Peering with Link-Locals (GNS3)
R1
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
neighbor FE80::C80F:3AFF:FEB5:1C%FastEthernet1/0 remote-as 65000
no auto-summary
!
R2
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
neighbor FE80::C80E:3AFF:FEB5:1C%FastEthernet1/0 remote-as 65000
no auto-summary
!
2. BGP-Peering (GNS3,link-local, IPv4 Prefix)
R1
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
network 10.0.0.1 mask 255.255.255.255
neighbor FE80::C80F:3AFF:FEB5:1C%FastEthernet1/0 remote-as 65000
no auto-summary
!
address-family ipv6
neighbor FE80::C80F:3AFF:FEB5:1C%FastEthernet1/0 activate
network 2001:1::/64
exit-address-family
!
R2
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
network 10.0.0.2 mask 255.255.255.255
neighbor FE80::C80E:3AFF:FEB5:1C%FastEthernet1/0 remote-as 65000
no auto-summary
!
address-family ipv6
neighbor FE80::C80E:3AFF:FEB5:1C%FastEthernet1/0 activate
network 2001:2::/64
exit-address-family
!
Im Next-Hop-Attribute für die IPv4/10.0.0.2/32 steht eine
IPv6-Link-local-Adresse, IPv4-Next-Hop müsste mit Route-map gesetzt werden
*Aug 10 10:47:10.431: %BGP-6-NEXTHOP: Invalid next hop (254.128.0.0)
received from FE80::C80F:3AFF:FEB5:1C%FastEthernet1/0: martian next hop
3.BGP Peering (GNS3, link-local, ohne Interface-Angabe)
R1#sh run | incl neighbor
bgp log-neighbor-changes
neighbor FE80::C80F:3AFF:FEB5:1C remote-as 65000
R1#sh ip bgp su
BGP router identifier 10.0.0.1, local AS number 65000
BGP table version is 3, main routing table version 3
1 network entries using 132 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 296 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 28 bytes of memory
BGP using 508 total bytes of memory
BGP activity 3/1 prefixes, 6/4 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
FE80::C80F:3AFF:FEB5:1C
4 65000 0 0 0 0 0 never Idle
R1#
R2#sh run | incl neighbor
bgp log-neighbor-changes
neighbor FE80::C80E:3AFF:FEB5:1C remote-as 65000
R2#sh run | incl neighbor
bgp log-neighbor-changes
neighbor FE80::C80E:3AFF:FEB5:1C remote-as 65000
R2#sh ip bgp su
BGP router identifier 10.0.0.2, local AS number 65000
BGP table version is 3, main routing table version 3
1 network entries using 132 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 296 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 28 bytes of memory
BGP using 508 total bytes of memory
BGP activity 3/1 prefixes, 3/1 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
FE80::C80E:3AFF:FEB5:1C
4 65000 0 0 0 0 0 never Active
R2#
BGP-Peering kommt nicht zustande, da der Router nicht weiss über welches
Interface der BGP-Neighbor zu erreichen ist.
Topology
1. BGP-Peering with Link-Locals (GNS3)
R1
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
neighbor FE80::C80F:3AFF:FEB5:1C%FastEthernet1/0 remote-as 65000
no auto-summary
!
R2
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
neighbor FE80::C80E:3AFF:FEB5:1C%FastEthernet1/0 remote-as 65000
no auto-summary
!
2. BGP-Peering (GNS3,link-local, IPv4 Prefix)
R1
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
network 10.0.0.1 mask 255.255.255.255
neighbor FE80::C80F:3AFF:FEB5:1C%FastEthernet1/0 remote-as 65000
no auto-summary
!
address-family ipv6
neighbor FE80::C80F:3AFF:FEB5:1C%FastEthernet1/0 activate
network 2001:1::/64
exit-address-family
!
R2
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
network 10.0.0.2 mask 255.255.255.255
neighbor FE80::C80E:3AFF:FEB5:1C%FastEthernet1/0 remote-as 65000
no auto-summary
!
address-family ipv6
neighbor FE80::C80E:3AFF:FEB5:1C%FastEthernet1/0 activate
network 2001:2::/64
exit-address-family
!
Im Next-Hop-Attribute für die IPv4/10.0.0.2/32 steht eine
IPv6-Link-local-Adresse, IPv4-Next-Hop müsste mit Route-map gesetzt werden
*Aug 10 10:47:10.431: %BGP-6-NEXTHOP: Invalid next hop (254.128.0.0)
received from FE80::C80F:3AFF:FEB5:1C%FastEthernet1/0: martian next hop
IPv6-Peering-Adresse -> IPv6 Next-Hop-Adresse
IPv4-Peering-Adresse -> IPv4 Next-Hop-Adresse3.BGP Peering (GNS3, link-local, ohne Interface-Angabe)
R1#sh run | incl neighbor
bgp log-neighbor-changes
neighbor FE80::C80F:3AFF:FEB5:1C remote-as 65000
R1#sh ip bgp su
BGP router identifier 10.0.0.1, local AS number 65000
BGP table version is 3, main routing table version 3
1 network entries using 132 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 296 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 28 bytes of memory
BGP using 508 total bytes of memory
BGP activity 3/1 prefixes, 6/4 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
FE80::C80F:3AFF:FEB5:1C
4 65000 0 0 0 0 0 never Idle
R1#
R2#sh run | incl neighbor
bgp log-neighbor-changes
neighbor FE80::C80E:3AFF:FEB5:1C remote-as 65000
R2#sh run | incl neighbor
bgp log-neighbor-changes
neighbor FE80::C80E:3AFF:FEB5:1C remote-as 65000
R2#sh ip bgp su
BGP router identifier 10.0.0.2, local AS number 65000
BGP table version is 3, main routing table version 3
1 network entries using 132 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 296 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 28 bytes of memory
BGP using 508 total bytes of memory
BGP activity 3/1 prefixes, 3/1 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
FE80::C80E:3AFF:FEB5:1C
4 65000 0 0 0 0 0 never Active
R2#
BGP-Peering kommt nicht zustande, da der Router nicht weiss über welches
Interface der BGP-Neighbor zu erreichen ist.
Abonnieren
Posts (Atom)